x86/efi: Clarify that reset attack mitigation needs appropriate userspace
commita5c03c31af2291f13689d11760c0b59fb70c9a5a
authorMatthew Garrett <mjg59@google.com>
Tue, 16 Jan 2018 09:10:02 +0000 (16 09:10 +0000)
committerIngo Molnar <mingo@kernel.org>
Fri, 19 Jan 2018 08:17:41 +0000 (19 09:17 +0100)
tree7b29d51cf1a26a2f243bbcaa89ac53cd6956237c
parent301f55b1a9177132d2b9ce8a90bf0ae4b37bb850
x86/efi: Clarify that reset attack mitigation needs appropriate userspace

Some distributions have turned on the reset attack mitigation feature,
which is designed to force the platform to clear the contents of RAM if
the machine is shut down uncleanly. However, in order for the platform
to be able to determine whether the shutdown was clean or not, userspace
has to be configured to clear the MemoryOverwriteRequest flag on
shutdown - otherwise the firmware will end up clearing RAM on every
reboot, which is unnecessarily time consuming. Add some additional
clarity to the kconfig text to reduce the risk of systems being
configured this way.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
drivers/firmware/efi/Kconfig